Categories

osCommerce Attacks

Malicious hackers are always looking to exploit software used by website owners to power their websites. One popular type of application that malicious hackers target is shopping carts, like osCommerce. This allows them to compromise a large number of websites using the software, infecting the visitors to these sites with malware.

We have described how malicious hackers exploit osCommerce installations in a past article. This post details a new piece of malware that is affecting osCommerce websites.

The attack
Shopping carts like osCommerce are prime targets for malicious hackers since they are widely used, store a plethora of sensitive information, and are prime vector to embed malware on a website to infect visitors and customers.

A recent trend is to display fake Anti-Virus pop up advertisements to visitors of a site when they land on an infected webpage. The following websites are being used to distribute the fake Anti-Virus malware.

Compromised websites in the wild
One example of a site infected with this specific malware is: www.surfmonster.co.uk. Take a look at the code below to see how the malware has been appended to the JavaScript.

Recommended steps
First, remove the malware. Then, upgrade your installation of osCommerce and analyze your website for application vulnerabilities. Additionally, securing the permission settings of your “admin” directory or renaming the directory to a value different than the default can mitigate automated attacks.

How do I protect my site?
Malicious hackers are constantly changing their tactics in order to evade detection and to continue to infect unsuspecting users. It is imperative to keep up-to-date on the latest ways that infections are spreading to legitimate websites.

StopTheHacker.com customers are protected against these kind of threats. If you would like more information on how to protect your website, please feel free to contact us. You can also visit our services page to protect your website now.